LulzSec Strike Again - And Again

It seems as if the recent wave of hacking is not going to
end anytime soon, with the group behind the latest Sony breach managing to hack
Nintendo and an FBI-affiliate website over the weekend.

LulzSec, the group who stole one million Sony Pictures accounts last week, has now admitted to breaching Nintendo’s servers
and those of InfraGard, a US private sector affiliate of the FBI. Nintendo
confirmed that its US website had been attacked but that no company or customer
information have been leaked. In fact what LulzSec took was a server
configuration file and in a post on its Twitter feed, the group said it hoped
“Nintendo plugs the gap.” In a later tweet, the group said: "Re: Nintendo,
we just got a config file and made it clear that we didn't mean any harm.
Nintendo had already fixed it anyway." A spokesperson for Nintendo said:
"We are always working to make sure our systems are secure." While
the breach seems to be relatively minor and won’t affect Nintendo’s operations,
it is not ideal as it prepares to unveil it’s next generation console,
codenamed Project Café, at this year’s E3 show in Los Angeles.

While Nintendo may have got off relatively lightly, the same
cannot be said for the Atlanta chapter of InfraGard. LulzSec managed to steal
the passwords of 180 members of the non-profit organisation, including military
users and cyber-security companies.InfraGard connects businesses to law enforcement agencies and works
closely with the FBI. "Someone did compromise the website," the Associated
Press was told by InfraGard Atlanta president, Paul Farley. "We do not at
this time know how the attack occurred or the method used to reveal the
passwords." While 180 passwords is not a large amount considering the
amount of passwords taken in the Sony breach, these users have access to a lot
more sensitive information and most re-use their passwords in other locations,
a practice frowned upon by the FBI and InfraGard. One of the stolen passwords
belonged to Karim Hijazi, who used his Infragard password for his personal
Gmail account – and the Gmail account of the company. The company, called Unveillance, is a
whitehat (or ethical hacking) company that specializes in data breaches and botnets and according
to LulzSec “was compromised because of Karim's incompetence. We stole all of
his personal emails and his company emails. We also briefly took over, among
other things, their servers and their botnet control panel.”

But the story doesn’t end there for Hijazi. LulzSec claim it
contacted him to explain the situation and he offered to pay the group to
eliminate his competitors through illegal hacking means in return for their
silence. LulzSec say they were just stringing him along to expose him and it
has published his contact information and almost 1,000 internal company emails.
Some of the emails relate to an illegal attempt to control Libyan cyberspace,
according to LulzSec. The reason given by the group for the attack on InfraGard
was the recent attempts by NATO and the US government to have cyber-attacks
declared as acts of war

With cyber attacks currently getting widespread
coverage in print and online media there is no doubt that governments around
the world are going to have to do something to counter these threats, but so
far they have looked like they are five steps behind the hackers at every turn.

Free Newsletter

Get TrustedReviews' award-winning reviews, opinions and advice delivered to your inbox for free!

By submitting your details, you'll also receive emails from Time Inc. UK, publisher of Trusted Reviews and
other iconic brands about its goods and services, and those of its carefully selected third parties.

Please tick here if you'd prefer not to hear about:

Time Inc.'s goods & services, including all the latest news, great deals and offers

Free Newsletter

Get TrustedReviews' award-winning reviews and advice delivered to your inbox for free!

By submitting your details, you'll also receive emails from Time Inc. UK, publisher of Trusted Reviews and
other iconic brands about its goods and services, and those of its carefully selected third parties.

Please tick here if you'd prefer not to hear about:

Time Inc.'s goods & services, including all the latest news, great deals and offers